CB750faces Posted July 4, 2021 Share Posted July 4, 2021 (edited) My PS is recently hacked. The hacker changed my admin password and the Paypal module credentials. The payments of a few orders went to his account. Luckily, my customers know me and they opened a dispute with Paypal. What me concerned is that I changed my passwords, deactivated the other administrator accounts and changed the admin URL, but the hacked was still able to enter the admin environment and changed the Paypal credentials again. He also added a new employee with admin rights. I shut down the webshop, but will be back as soon as possible. What can I do to avoid that this hacker enters my admin again? Is an authenticator app safe enough? Edited July 4, 2021 by CB750faces (see edit history) Link to comment Share on other sites More sharing options...
Nickz Posted July 4, 2021 Share Posted July 4, 2021 4 hours ago, CB750faces said: I shut down the webshop, but will be back as soon as possible. What can I do to avoid that this hacker enters my admin again? Is an authenticator app safe enough? He has access. Change the hosting and rebuild is the only safe way. Sorry. Link to comment Share on other sites More sharing options...
endriu107 Posted July 4, 2021 Share Posted July 4, 2021 Probably you have voulnerable third party module, you need to find waht file give him access and fix it. Link to comment Share on other sites More sharing options...
joseantgv Posted July 5, 2021 Share Posted July 5, 2021 Do you have a WordPress in the same server? Link to comment Share on other sites More sharing options...
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now